Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - SANS Internet Storm Center InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Cuckoo 0.5 is out and the world didn't end

Published: 2013-01-08
Last Updated: 2013-01-08 02:34:56 UTC
by Jim Clausing (Version: 1)
0 comment(s)

This one kind of slipped by unnoticed over the holidays, but Claudio & company released a new version of the Cuckoo sandbox and it has some some nice new features.  Some of the more significant ones to me are:

  • full memory dumps of the virtual machines
  • added packages for jar, java applet, and zip files
  • support for Windows 7 (yippee!!!)

Add to that lots of other improvements and bug fixes (check them out at the link below) and I can't wait to play with it myself.  This project is turning into a very nice flexible automated malware analysis tool.  If any of our readers have had a chance to try out the new version and want to share their thoughts, please let us know in the comments or via the contact form.  If I get a chance to do some serious playing with it before my next shift, I'll try to write up my experiences.  In the meantime, kudos to Claudio & company, keep up the good work.


Jim Clausing, GIAC GSE #26
jclausing --at-- isc [dot] sans (dot) edu

0 comment(s)
Diary Archives